From f5785c7356f7538306397493b33c859f05886c35 Mon Sep 17 00:00:00 2001
From: Alan Pearce
Date: Mon, 12 Apr 2021 15:11:51 +0200
Subject: prefect: enable SSH

---
 system/prefect.nix                     | 5 +++++
 system/settings/configuration/user.nix | 3 +++
 2 files changed, 8 insertions(+)

diff --git a/system/prefect.nix b/system/prefect.nix
index 188dfd8f..f9146e8e 100644
--- a/system/prefect.nix
+++ b/system/prefect.nix
@@ -73,6 +73,11 @@
   };
   networking.firewall.allowedTCPPorts = [ config.services.postgresql.port ];
 
+  services.openssh = {
+    enable = true;
+    openFirewall = false;
+    startWhenNeeded = true;
+  };
   networking.firewall.extraCommands = ''
     iptables  -A nixos-fw -p udp --source 172.30.44.0/24       -j nixos-fw-accept
     iptables  -A nixos-fw -p tcp --source 172.30.44.0/24       -j nixos-fw-accept
diff --git a/system/settings/configuration/user.nix b/system/settings/configuration/user.nix
index e152a91b..5227f057 100644
--- a/system/settings/configuration/user.nix
+++ b/system/settings/configuration/user.nix
@@ -8,5 +8,8 @@
     initialPassword = "password";
     home = "/home/alan";
     uid = 1000;
+    openssh.authorizedKeys.keys = [
+      "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDRIsbc/xJGxEJGCCNT99kQhB1N84jPlPtrqSVF/OxbGenvk2HWbL/q/YpEUkG5eQrfV5jK8nXfNfjSsPDjF96A= alan@alanpearce.eu (sekey)"
+    ];
   };
 }
-- 
cgit 1.4.1